Week 51 In Review – 2013

CCC, 100-gbps, and your own private Shodan – blog.erratasec.com
One of the oldest/biggest “hacker” conventions is the CCC congress every December in Germany. This year, they are promising 100-gbps connectivity to the Internet.

Resources

Quick Joomla Refresher – blog.spiderlabs.com
In this blog post David Kirkpatrick mention some of the tools he used to check the security of a particular Joomla installation and comment upon their effectiveness.

The DNS Census 2013 – dnscensus2013.neocities.org
The DNS Census 2013 is an attempt to provide a public dataset of registered domains and DNS records. The dataset contains about 2.5 billion DNS records gathered in the years 2012-2013.

Crash – labs.portcullis.co.uk
The crash tool is a similar tool than the crash.exe tool from FileFuzz but for OS X. The purpose of this tool is to catch crashes from OS X applications and print debugging information such as registers, disassembled code and a memory dump of the stack.

Capstone – github.com
Capstone is a disassembly framework with the target of becoming the ultimate disasm engine for binary analysis and reversing in the security community.

Techniques

FLYING PIG: GCHQ’s TLS/SSL knowledge base – koen.io
Documents from the ICTR-NE organization at the GCHQ show that it operates a program under the name FLYING PIG that provides analysts with information about secure communications over TLS/SSL. In this article, Koen Rouwhorst described the program on the basis of some actual screen captures of its interface.

OpenIOC Series: Investigating with Indicators of
Compromise (IOCs) – Part I – mandiant.com
The Back to Basics: OpenIOC blog series previously discussed how Indicators of Compromise (IOCs) can be used to codify information about malware or utilities and describe an attacker’s methodology. This blog post will focus on writing IOCs by providing a common investigation scenario, following along with an incident response team as they investigate a compromise and assemble IOCs.

Severe Office 365 Token Disclosure Vulnerability – Research and Analysis – adallom.com
The vulnerability that Adallom labs researched here and the security incident that used it is a bona fide Perfect Crime; a crime where the victim doesn’t know that he’s been hit; a crime where there’s no proof of any foul play anywhere; a crime where protecting yourself against it without being familiar with its modus operandi is next to impossible.

Other News

Exclusive: Secret contract tied NSA and security industry pioneer – www.reuters.com
As a key part of a campaign to embed encryption software that it could crack into widely used computer products, the U.S. National Security Agency arranged a secret $10 million contract with RSA, one of the most influential firms in the computer security industry, Reuters has learned.

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.